The GDPR Incident Response Plan: how to help your...
TRANSCRIPT
32% OF HACKERS SAY accessing privileged accounts was the number one choice for the easiest and fastest way to get at sensitive data.
HACKERS TARGET Personally Identifiable Information
• Full name (if not common)
• Home address
• Email address
• National identification number
• Passport number
• IP address or MAC address
• Vehicle registration plate number
• Biometric information
• Driver's license number
• Face, fingerprints, or handwriting
• Credit card numbers
• Digital identity
• Date of birth
• Birthplace
• Genetic information
• Telephone number
• Login name, screen name, nicknames
EC DATA PROTECTION REGULATION
The EU General Data Protection Regulation is intended to strengthen and unify data protection for individuals within the EU.
It addresses the export of personal data outside the EU.
It gives citizens back control of their personal data.
It simplifies the regulatory environment for international business by unifying the regulation within the EU.
It replaces the Data Protection Directive (officially Directive 95/46/EC) from 1995.
DATA PROTECTION PRINCIPLES – ARTICLE 5
• Adequate, relevant & not excessive
• Fairly and lawfully processed
• Obtained only for specified purposes
• Accurate and up-to-date
• Processed in line with the rights afforded to individuals
• Not kept for longer than necessary
• Not transferred to countries outside the EEA without adequate protection
• Accountability
• Kept Secure
• Consent
• Data Protection Officer
• Data breaches – 72 hours
• Legal obligations to notify without undue delay
• Data portability
• Right to erasure
• Joint liability for cloud
• Sanctions for failure to comply
EU GDPR EXECUTIVE SUMMARY
EU CITIZENS Collecting or Processing PII?
Where is the Personally Identifiable Information (PII) stored?
• Application
• Unix server
• Windows server
• Database
• Network device
• Workstation
PRIVILEGED ACCOUNTS & WHAT THREATS DO THEY POSE?
• Non-human accounts used by IT staff which often have unfettered access to critical data and systems, e.g. Domain Admin, root.
• Exist everywhere, in nearly every connected device, server, hypervisor, OS, database, or application, on-premises and in the cloud.
• Represent one of the most vulnerable aspects of an organization's IT infrastructure.
• Malware
• Ransomware
• Sensitive data loss
• Insider attacks and data leaks
• Data poisoning
• Service disruption
• Financial fraud
DATA PROTECTION PRINCIPLES: MUST PROTECT PRIVILEGED ACCOUNTS
[Diagram: "Protecting and Securing Privileged Accounts". EU citizens' personal data (PII) sits on applications, Unix servers, Windows servers, databases, network devices and workstations. The privileged accounts that reach it are used by external users, internal users, Active Directory admins, and potentially an attacker; Privileged Account Management (PAM) sits between them and the systems to monitor, audit and control that access.]
You will most frequently be told of a breach by an outsider:
• Law enforcement (41%)
• Third parties, including customers (35%)
Incident Response Checklist
• Ownership
• Communications
• Contact list
• Clear definition of threat
  1. Confidentiality – data loss
  2. Integrity – data poisoning
  3. Availability – DDoS
• In-house capability and 3rd-party responsibility
• Containment (evidence)
• Press statement
• Legal assessment
• Eradication
• Recovery
• Lessons learned
Is the boardroom prepared?
• Ownership – defined roles
• Communications and PR
• Contact list
• Cyber awareness
• Red team exercise
• Press statement
WHO IS THYCOTIC?
Thycotic prevents cyber attacks with multiple layers of security.
• 20% of Forbes 50**
• 10% of Forbes Global 2000**
• 4 of top 5 in Software**
**Based on Forbes Global 2000 classification.
Finalist, Best Customer Service
7,500 customers around the world, from the Fortune 5 to mid-market to small IT departments.
Headquartered in Washington, DC, with offices in London and Sydney. Established in 1996.
Rated top in class for customer satisfaction*.
*Forrester Research independent survey.
• 20 Most Promising Enterprise Security Companies 2016
• 5/5 stars – SC Magazine
• Honoree, 2013, 2014, 2015, 2016
• 2014 Finalist, Security and Compliance
• 2016 Finalist, Security